CISSP: Physical (Environmental) Security

Question 0

2. Electrical fires are classified as what type of fire and use what extinguishing methods?

A. Class B; CO2 or soda acid
B. Class B; CO2 or FM-200
C. Class C; CO2 or FM-200
D. Class A; water or soda acid

Answer 0

C. Class C; CO2 or FM-200

Class B fires consist of burnable fuels and are extinguished by using CO2, soda acid, or FM-200. Class A fires consist of common combustible materials. Review “Physical Security Threats.”

Question 1

1. The three elements of the fire triangle necessary for a fire to burn include all the following except

A. Fuel
B. Oxygen
C. Heat
D. Nitrogen

Answer 1

D. Nitrogen

The fire triangle consists of fuel, oxygen, and heat. Review “Physical Security Threats.”

Question 2

3. A prolonged drop in voltage describes what electrical anomaly?

A. Brownout
B. Blackout
C. Sag
D. Fault

Answer 2

A. Brownout

A blackout is a total loss of power, a sag is a short drop in voltage, and a fault is a momentary loss of power. Review “Physical Security Threats.”

Question 3

4. What type of cabling should be used below raised floors and above drop ceilings?

A. CAT-5
B. Plenum
C. PVC
D. Water-resistant

Answer 3

B. Plenum

Cat 5 cabling can be either plenum or PVC-coated. PVC cabling releases toxic vapors when burned. Both PVC and plenum coatings are water resistant. Review “Designing a secure facility.”

Question 4

5. In order to deter casual trespassers, fencing should be a minimum height of

A. 1 to 3 feet
B. 3 to 4 feet
C. 6 to 7 feet
D. 8 feet or higher

Answer 4

B. 3 to 4 feet

Fencing of 1 to 3 feet might deter a toddler or a duck! 6 to 7 feet is too high to climb easily. Eight-foot-tall or higher fencing (that includes three-strand barbed wire at the top) can deter a more determined intruder. Review “Fencing.”

Question 5

6. Three types of intrusion detection systems (IDSs) used for physical security include photoelectric sensors, dry contact switches, and which of the following?

A. Motion detectors
B. Anomaly-based
C. Host-based
D. Network-based

Answer 5

A. Motion detectors. Anomaly-based, host-based, and network-based systems are types of intrusion detection systems (IDSs) used for computer systems and networks. Review “Intrusion detection.”

Question 6

7. A water sprinkler system in which no water is initially present in the pipes and which, at activation, delivers a large volume of water describes what type of system?

A. Wet-pipe
B. Dry-pipe
C. Deluge
D. Preaction

Answer 6

C. Deluge

A wet-pipe system always has water present in the pipes. A dry-pipe system is similar to a deluge system but doesn’t deliver a large volume of water. A preaction system combines elements of both wet- and dry-pipe systems. Review “Suppression systems.”

Question 7

8. Portable CO2 fire extinguishers are classified as what type of extinguishing system?

A. Gas-discharge systems
B. Water sprinkler systems
C. Deluge systems
D. Preaction systems

Answer 7

A. Gas-discharge systems

Water sprinkler systems are fixed systems that discharge water. Deluge and preaction systems are types of water sprinkler systems. Review “Suppression systems.”

Question 8

9. Which of the following extinguishing agents fights fires by separating the elements of the fire triangle, rather than by simply removing one element?

A. Water
B. Soda acid
C. CO2
D. FM-200

Answer 8

D. FM-200

Water fights fires by removing the heat element. Soda acid fights fires by suppressing the fuel element. CO2 fights fires by removing the oxygen element. Review “Suppression systems.”

Question 9

10. Production of Halon has been banned for what reason?

A. It is toxic at temperatures above 900°F.
B. It is an ozone-depleting substance.
C. It is ineffective.
D. It is harmful if inhaled.

Answer 9

B. It is an ozone-depleting substance

Halon does release toxic chemicals at temperatures above 900°F and is harmful if inhaled in concentrations greater than 10 percent, but its production wasn’t banned for these reasons. Review “Suppression systems.”

Question 10

What are the five categories that a physical security program should detail when considering the threats and countermeasures that apply?

a. Deter, detect, react, sustain, and maintain
b. Deter, delay, respond, sustain, and maintain
c. Deter, delay, detect, assess, respond
d. Deter, delay, assess, respond, and confirm

Answer 10

C. When developing a physical security program, countermeasures should be implemented to:
Deter: Convince the attacker not to attack.
Delay: Slow down the penetration of the intruder. Enhances deter and detect.
Detect: Identify the intrusion as soon as possible.
Assess: Identify the severity of the threat, the potential for harm to personnel, and the scale of the potential losses.
Repond: Policies and procedures should dictate how to respond to the various threats, based on the assessment.

Question 11

What is a Faraday cage?

a. An enclosure that provides a complex access control implementation, including mantraps
b. An enclosure that prevents all emanations from exiting or entering the area enclosed by the cage
c. A wired room enclosed by a cage that does not allow entry to any unauthorized individuals and has only one way in
d. The copper shielding around twisted-pair wiring that provides additional emanations protection and strength

Answer 11

B. A Faraday cage is an area, mobile room, or entire building that is designed with an external conductive sheathing that reduces or prevents emanations from exiting or entering the area.

Question 12

What are the two types of uninterruptible power supplies?

a. Internal and external
b. Online and offline
c. Internal and offline
d. Online and standby

Answer 12

D. During normal use, the standby UPS connects supported systems (the load) to the primary AC power through surge suppression filters. Parallel to that, it charges a bank of batteries. When the AC power fails, the UPS detects the failure and switches to providing power from the batteries.

Question 13

What are the four legs of a fire?

a. Fuel, oxygen, contaminants, and chemicals
b. Fuel, chemical reaction, water, temperature
c. Oxygen, fuel, Halon, and temperature
d. Fuel, oxygen, temperature, and chemical recation

Answer 13

D. Combustion requires fuel, oxygen, temperature and a chemical reaction if it is to ignite and continue to burn.

Question 14

What are the five classes of a fire?

a. A, B, C, D, K
b. A, B, C, D, E
c. A, B, C, D, F
d. L, M, N, O

Answer 14

A. The five classes of fires are based on the initiator and what fuels the fire. The five classes are A, common combustibles such as wood, paper and laminates; class B, liquids, such as petroleum products and flammable gas; class C, electrical, which includes electrical equipment and wires; class D, combustible metals such as magnesium, sodium, and potassium; class K, kitchen fires, including grease and oils.

Question 15

What are the four primary results that a suppressant agent should accomplish individually or in conjunction with another agent?

a. Reduce the temperature, reduce the smoke, reduce the free radicals, interfere with the chemical reaction
b. Deluge the environment, capture the smoke, control the flame, open doors in fail-safe mode
c. Reduce the temperature, reduce the oxygen supply, reduce the fuel supply, interfere with the chemical reaction
d. Simply put out the fire

Answer 15

C. The primary activities that suppression agents should perform are to reduce the temperature, reduce or remove the oxygen supply, reduce or remove the fuel supply, and interfere with the chemical reaction.

Question 16

What is the function of security zones?

a. Security zones separate differing levels of security within a facility.
b. Security zones are areas where piggybacking is not allowed.
c. Security zones require armed guards standing at the door.
d. Security zones is the term used for full walls that separate individuals into their appropriate departments.

Answer 16

A. A security zone includes access controls and is a division of areas to provide differing levels of security.

Question 17

Where should a data center be located within a facility?

a. A data center should be in its own facility and should not be combined with any other function of an organization.
b. A data center should be located in the basement of a facility, underground for added protection.
c. A data center should be located on the top floor of the building to ensure that intruders cannot access it from the ground.
d. A data center should be located in the center of the facility.

Answer 17

D. Ideally, the data center should be located in the center of a facility with offices surrounding it. This makes it difficult for an attacker to gain access or damage the data center with an external attack. Avoid plumbing above the data center.

Question 18

What is the difference between a full wall and a partition?

a. A full wall extends from the floor to the ceiling, whereas a partition is only 38 inches high.
b. A full wall is a 4-inch think wall that requires concrete, whereas a partition can be made of wood.
c. A full wall extends from the floor to the roof structure, whereas a partition extends from the floor to the acoustic ceiling.
d. A full wall is an external wall, whereas a partition is an internal wall.

Answer 18

C. A full wall extends from the floor to the roof structure, typically the underside of the roofing material. A partition wall extends from the floor to the framing members that support the acoustic ceiling.

Question 19

What is the function of key management in physical security?

a. Key management is the process of accounting for all keys and spares, auditing the inventory of keys, and having a master key system.
b. Key management is the use of cryptographic keys and how to distribute the certificates to users.
c. Key manager requires every lock to have a unique key, each assigned to only one person within the organization.
d. Key management is a function of the safety warden.

Answer 19

A. To facilitate a proper key management process, an accounting of all keys and spares must be made, and audits of these keys should be conducted frequently. An additional mitigation is to ensure that keys to restricted areas with access-controlled doors are not issued to staff. In case of emergency, keys must be available if the access control system fails; this circumstance will become more procedural and can be dealt with in a number of ways.

Question 20

What are the recommended heights of fences to deter intruders?

a. There are no recommended heights.
b. A height of 3 feet to 4 feet deters casual trespassers; 6 feet to 7 feet is considered too high to climb; and 8 feet deters more resolute intruders.
c. A height of 4 feet to 6 feet deters casual trespassers; 8 feet to 10 feet is considered too high to climb; and 12 feet deters more resolute intruders.
d. It really doesn’t matter; fences are an inappropriate means to deter an intruder.

Answer 20

B. Fences are one of the first lines of defense in a layered defense strategy. 3 feet to 4 feet deters casual trespassers; 6 feet to 7 feet is considered too high to climb; and 8 feet deters more resolute intruders.

Question 21

What is the most effective way to deter an attacker from stealing a laptop?

a. Installing applications that provide GPS functionality
b. Making it against policy to take laptops from the facility
c. Cable locks
d. Keeping the laptop in a backpack and not a laptop bag

Answer 21

C. One of the simplest security mechanisms to deter an attacker from stealing a laptop is a cable lock. This device connects to the frame of the laptop; is long enough to wrap around a solid, fixed object; and uses a lock to secure the laptop.

Question 22

What are the two types of smoke-detecting mechanisms?

a. Photoelectric and rate of rise
b. Ionization and fixed temperature
c. Class A and class B
d. Ionization and photoelectric

Answer 22

D. An ionization smoke detector contains a small radioactive source that creates a small electric charge. A photoelectric smoke detector contains a light-emitting diode (LED) and a photoelectric sensor that generates a small charge while receiving light.